US TikTok influencer helped North Korean operatives land jobs at 300 Companies: DOJ

A woman in Arizona and an influencer of Tiktok were sentenced to a multi-year prison sentence for having helped the North Korean IT workers fraudulently secure distant jobs in more than 300 American companies.

Christina Marie Chapman, 50, was sentenced At 102 months in prison by a federal judge in Washington, DC, after pleading guilty to accusations of conspiracy of fraud by wire, aggravated identity theft and money laundering conspiracy.

The penalty also includes three years of supervised release. She was sentenced to losing more than $ 284,000 and paying $ 176,850 in return.

Chapman has exploited a “laptop farm” for North Korean agents

According to the American authorities, Chapman played a central role by allowing North Korean IT workers to present themselves as American citizens in order to obtain technological jobs at a distance.

From 2020, she operated a “laptop farm” of her home in Arizona, where computers sent by American companies were connected to distant agents abroad.

Using this configuration, the bad players – based largely in China and near North Korea – were able to hide their real locations and seemed to work in the United States.

Investigators say that Chapman went further by sending at least 49 aircraft to locations abroad, including a city near the North Chinese-Korea border. A search of his house in October 2023 led to the seizure of more than 90 laptops, many of whom labeled with the identity of the Americans whose personal information had been stolen or borrowed to commit fraud.

What does the Ministry of Justice claim?

The Ministry of Justice accused Chapman of having helped North Korean workers to submit false job requests under stolen American identities, to receive wages through American banks and to bleach profits via its own accounts.

She would have forged payroll checks and received direct deposits from companies that without knowing the North Korean agents. The income was then transferred abroad when it was falsely reported to the IRS and the Social Security Administration under the names of the American victims.

According to the complaint, Chapman’s actions have helped generate more than $ 17 million in illicit income for her and the Democratic People’s Republic of Korea.

The prosecutors said that his efforts also put sensitive American infrastructure in danger by allowing foreign agents to reach virtual access to fortune companies 500, government agencies, aerospace companies and technological companies in Silicon Valley.

Chapman’s operation has been active for several years and has been one of the largest of the genre linked to North Korean infiltration efforts.

In total, at least 68 stolen identities were used to deceive 309 American companies and two international companies. Certain job requests have even targeted American government agencies, although these attempts were unsuccessful.

The DOJ survey revealed that Chapman had not only managed and organized the material infrastructure, but also maintained detailed records connecting each device to a specific company and identity.

“Today’s conviction brings justice to the victims whose identities have been stolen for this international fraud program,” said special agent Carissa Messick of the IRS criminal investigation.

Cryptographic industry remains at risk

Over the years, the North Korean regime has siphoned billions of dollars in cryptocurrency assets to finance its sanctioned weapons programs.

American intelligence reports and private surveys have shown that the RPDC deploys thousands of qualified IT professionals abroadMany of which use VPNs, false documents and stolen identities to integrate into Western companies.

A Chainalysis report revealed that pirates linked to North Korea Stolen $ 1.34 billion in cryptocurrency in 2024 alone. The cryptographic industry has proven to be a frequent target because of its decentralized nature and its relatively relaxed hiring protocols for remote roles.

US agencies have increased efforts to disrupt the computer infiltration network of North Korea by targeting key infrastructure and agents.

Despite these efforts, American officials believe that hundreds of workers linked to the PDR remains anchored in companies around the world, including in cryptographic space.